1. Who We Are

Munshi IQ is operated by PhronesisCode Solutions, LLC (“we,” “us,” “our”), a company registered in the State of Texas, United States. We provide an AI-powered bookkeeping platform designed for accountants managing small business client books.

For any privacy-related inquiries, contact us at: privacy@munshiiq.com

2. Service Environments

Munshi IQ operates in two distinct environments. This Privacy Policy applies to both. Where practices differ, we note it explicitly.

	Sandbox	Production (Live)
Status	Available now	Not yet live (coming soon)
Purpose	Evaluation with sample data	Managing real client books
Intended data	Fictitious / sample data only	Real client financial data
Data retention	Periodically deleted after 48-hour trial	7 years per IRS requirements
SLA	None (best effort)	Will be defined at launch

3. Data We Collect

3.1 Account Information

Email address, first name, and last name (provided at signup)
Password (managed exclusively by AWS Cognito; we never see, store, or have access to your password)
Firm name, role, and entity type

3.2 Financial Data (uploaded by you)

Bank and credit card transaction descriptions, amounts, and dates
Chart of accounts and trial balance files
Payroll reports
Journal entries
Workpapers and supporting documents (PDF, Excel, images)

3.3 PII in Transaction Descriptions

Transaction descriptions from banks and credit cards frequently contain personally identifiable information (PII) such as individual names (e.g., “VENMO *JOHN DOE,” “CHECK #123 TO SARAH LEE”). We treat all transaction descriptions as potentially containing PII and apply the following safeguards:

PII detection and redaction is applied before any transaction description is sent to an external AI provider
Original (unredacted) descriptions are stored only in our database, never transmitted externally in raw form
Redacted forms are ephemeral, used only for the AI API call and not persisted

3.4 Sandbox-Specific Data

The sandbox environment is pre-loaded with sample data created by us for demonstration purposes. This sample data is entirely fictitious. It does not contain real financial records or real PII.

You may upload your own files to the sandbox. If you choose to upload real financial data, real client records, or files containing PII to the sandbox, you do so entirely at your own risk and responsibility. We strongly recommend using only fictitious or sample data in the sandbox. All sandbox data (including any files you upload) is periodically deleted after the trial period expires and is not recoverable.

3.5 Usage and Log Data

IP address, browser type, device information, and pages visited
Actions taken within the platform (categorization decisions, approvals, corrections)
Timestamps and session duration

4. How We Use Your Data

Account management: to create and maintain your account and firm workspace
AI-assisted categorization: redacted transaction descriptions are sent to an AI provider to generate categorization suggestions with confidence scores (see Section 5)
Audit trail: to maintain a complete record of who categorized each transaction, when, what the AI suggested, and whether the accountant corrected it
Financial reporting: to generate P&L, balance sheet, general ledger, trial balance, and tax-ready reports
Tax-line mapping: to map accounts to IRS form lines (1120, 1120-S, 1065, Schedule C)
Year-end close: to run pre-close validation checks and lock closed fiscal years
Product improvement: aggregated, anonymized usage patterns to improve the platform. We never use individual client financial data for product analytics.
Communication: product launch updates, security alerts, feedback and research requests, and product announcements. We will never sell, rent, or share your contact information with third parties for their marketing purposes.

5. AI Processing and Your Data

Munshi IQ uses artificial intelligence to categorize transactions, generate journal entries, and assist with bookkeeping tasks. We are committed to transparency about how AI interacts with your data:

5.1 What we send to AI providers

Redacted transaction descriptions (PII removed before transmission)
Transaction amounts and dates
Account names from your chart of accounts
Text you voluntarily type into AI-powered features. For example, a description you enter when generating a journal entry, or free-text used during tax-category mapping at onboarding. This input is sent to AWS Bedrock for processing and does not leave the AWS boundary. No additional subprocessor is involved.
We never send: your email, name, firm name, client names, passwords, or any direct identifiers

Important: free-text inputs are not redacted. The PII redaction pipeline (§3.3) runs only on bank-feed transaction descriptions, where third-party PII is unavoidable. Free-text you type into AI-assisted features (journal entry generator, tax-category mapping) is transmitted as you typed it. You are the controller of free-text input. Do not paste names, Social Security numbers, account numbers, or other personally identifiable information of third parties (including your clients’ counterparties) into these fields. See Terms of Service §9.6 for the corresponding obligation.

5.2 No model training on your data

Your data is never used to train AI models. We configure our AI provider agreements to prohibit the use of your data for model training, fine-tuning, or improvement of the provider’s models. Your transaction data is processed, a response is returned, and the provider does not retain your data.

5.3 AI provider

We use AWS Bedrock for AI-powered transaction categorization. AWS Bedrock processes data within your AWS region and does not use your data to train foundation models. For enterprise clients requiring specific data residency, all AI processing remains within your designated AWS region. If we change our AI provider, we will update our subprocessor list (Section 6) and notify registered users at least 30 days in advance.

5.4 Data ownership

All outputs generated by AI from your data belong to you. We do not claim any intellectual property rights over AI-generated categorizations, journal entries, reports, or any other output derived from your financial data. This includes aggregated or derived data: if it came from your data, it is yours.

6. Data Processors and Subprocessors

We use the following third-party services to process data. All subprocessors are bound by data processing agreements (DPAs) that require them to protect your data to standards consistent with this Privacy Policy.

Provider	Purpose	Data Shared	Location
AWS Cognito	Authentication & identity	Email, name, password (encrypted)	US (us-east-1)
AWS RDS	Database hosting	All platform data (encrypted at rest)	US (us-east-1)
AWS S3	File storage (workpapers)	Uploaded documents (encrypted at rest)	US (us-east-1)
AWS ECS	Application hosting	Application runtime	US (us-east-1)
AWS Bedrock	AI transaction categorization	Redacted descriptions, amounts, account names	US (us-east-1)

We do not sell, rent, or trade your data to third parties. Data is shared with subprocessors only as necessary to provide the Service.

We will notify registered users at least 30 days before adding a new subprocessor that handles financial data.

7. Data Retention

Data Type	Sandbox	Production (Live)
Financial records (transactions, JEs, ledger)	Deleted after 48-hour trial	7 years from end of applicable tax year
Account data (email, name, firm)	Deleted with sandbox expiry	Active account + 30 days post-deletion request
Audit trail	Deleted with sandbox expiry	Same as associated financial records (7 years)
Uploaded files (workpapers)	Deleted with sandbox expiry	Same as associated financial records (7 years)
AI categorization logs	Deleted with sandbox expiry	Same as associated financial records (7 years)

Sandbox note: Sandbox deletion is periodic. Data may persist briefly beyond the stated trial period before the cleanup process runs. All sandbox data is deleted via cascade deletion of the firm record and all associated data.

Production note: The 7-year retention period aligns with IRS record-keeping requirements for tax-related financial documents. Data export and post-termination access policies will be defined when the production environment launches. Financial records will be retained for the legally required period even after account closure.

8. Data Security

We implement commercially reasonable administrative, physical, and technical safeguards to protect your data. No system is 100% secure, and we cannot guarantee absolute security. However, we are committed to industry-standard protections appropriate to the sensitivity of financial data.

8.1 Current security measures (all environments)

Authentication via AWS Cognito with RS256 token signing and automatic key rotation
Role-based access control (firm admin, practitioner, viewer)
All API communication over TLS 1.2+
Parameterized database queries (SQL injection prevention)
File upload validation via magic-byte content inspection (prevents malicious file type spoofing)
Closed fiscal year immutability (write-protected with override requiring explicit acknowledgment and audit trail)
PII redaction before external AI API calls
No credentials, API keys, or secrets in application source code

8.2 Production environment (planned)

The production environment will include additional security measures beyond those available in the sandbox:

AES-256 encryption at rest for all data (AWS RDS, S3)
AWS WAF (Web Application Firewall) for DDoS and bot protection
AWS GuardDuty for threat detection and malware scanning on uploads
VPC network isolation with private subnets
Automated daily database backups with point-in-time recovery
SOC 2 Type II compliance (planned, timeline to be announced)
Annual third-party penetration testing
Structured audit logging to persistent storage

8.3 Sandbox environment limitations

The sandbox is a demonstration environment and does not include all production security controls. Specifically, the sandbox does not currently provide:

Encryption at rest
WAF or DDoS protection beyond basic Cloudflare tunnel protections
Malware scanning on file uploads
Automated backups or disaster recovery
Uptime SLA

This is why we strongly recommend using only sample or fictitious data in the sandbox environment.

9. Breach Notification

In the event of a data breach that affects your personal data or financial records:

We will notify affected users via email as soon as reasonably practicable after confirming the breach, and in any case within the timeframes required by applicable law
Notification will include: what data was affected, what happened, what we are doing to remediate, and what steps you should take
We will notify applicable regulatory authorities as required by law (GDPR, CCPA, state breach notification laws)
We will publish a post-incident report for material breaches

Production target: When the production environment launches with full monitoring infrastructure (AWS GuardDuty, CloudTrail, centralized logging), we intend to commit to a 72-hour breach notification window, consistent with GDPR Article 33 requirements.

10. Your Rights

Regardless of your jurisdiction, we provide the following rights to all users:

Access: request a copy of the personal data we hold about you
Correction: request correction of inaccurate data
Deletion: request deletion of your personal data, subject to legal retention requirements for financial records (7-year IRS requirement)
Portability: request your data in a standard, machine-readable format (CSV, Excel, JSON)
Restriction: request that we limit processing of your data while a dispute is resolved
Opt-out: unsubscribe from marketing communications at any time via the link in any email or by contacting us
Object to AI processing: request that transactions not be sent to AI for categorization (manual-only mode)

To exercise any of these rights, contact us at privacy@munshiiq.com. We will respond within 30 days. If we need additional time, we will inform you of the reason and extension period.

GDPR (EU/EEA): If you are located in the EU or EEA, you have additional rights under the General Data Protection Regulation, including the right to lodge a complaint with your local supervisory authority.

CCPA (California): California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information.

11. Cookies and Tracking

We use minimal cookies strictly necessary for the Service to function:

Authentication tokens: session cookies to keep you logged in (strictly necessary, no consent required)
No tracking cookies: we do not use Google Analytics, Facebook Pixel, or any third-party advertising or analytics trackers
No cross-site tracking: we do not track your activity across other websites

12. Children’s Privacy

Munshi IQ is a professional tool designed for accounting professionals. It is not intended for use by individuals under 18 years of age. We do not knowingly collect data from minors. If you believe a minor has provided data to us, contact us and we will delete it promptly.

13. International Data Transfers

All data is currently processed and stored in the United States (AWS us-east-1 region). If you are accessing the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

For enterprise clients with specific data residency requirements, we can discuss dedicated infrastructure in your preferred AWS or Azure region.

14. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will:

Notify registered users via email at least 30 days before changes take effect
Post the updated policy with a revised “Last updated” date
Maintain an archive of previous versions upon request

Continued use of the Service after changes take effect constitutes acceptance of the revised Privacy Policy.

15. Contact

PhronesisCode Solutions, LLC
Privacy inquiries: privacy@munshiiq.com
General inquiries: connect@munshiiq.com